Some ET rulesets emtpy

Started by Bobox, December 03, 2020, 11:20:37 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 03, 2020, 11:20:37 AM
Hi there,

finally switched from pfSense to OPNsense 20.1 and I really like it :)

I'm using the telemetry rule set with the code from Deciso.
One problem though, I was wondering why Suricata does not catch ET CINS, ET DROP or ET COMPROMISED anymore like it did frequently on my pfSense Suricata.

It seems the respective rulesets are empty, just enabled and downloaded all as a test fo this. All the 58B sized are empty.
How do I fix this?
ufabetyou
December 03, 2020, 02:47:14 PM #1
Hi to OPNsense!

Screenshot of IPS -> Download page maybe? :-)

Where did yo see this 58 bit empty file?

kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
December 03, 2020, 07:54:55 PM #2
Hi,

Maybe the same as https://github.com/opnsense/core/issues/4479 -- telemetry is an ET Pro set and some ET Open sets are not available / deprecated / substituted.


Cheers,
Franco
Print
Go Up Pages1
User actions